auth helpers on client

Hello, when using supabase auth helpers, the documentation states that a browser client should be created. after fiddling with that, I have observed that the SUPABASE_URL and the SUPABASE_ANON_KEY are sent to the client. Theoretically, one could track network activity and get these, and in turn use them to create a supbaseClient on their side, to create new users. How can we secure this?

Supabase Join

Supabase gives you the tools, documentation, and community that makes managing databases, authentication, and backend infrastructure a lot less overwhelming.

44,393Members

View on Discord